Position Summary...
What you'll do...
The Principal, Risk Expert provides operational leadership and analyst enablement for Walmart's External Party Risk Management program. This role applies deep expertise in external party risk, the latest NIST cybersecurity standards, and strong Agile DevOps and full-stack technical fluency to drive consistent execution, mature processes, and scalable risk outcomes. The principal partners closely with Walmart Global Tech, InfoSec, and business leaders to align and streamline risk processes, support effective use of risk tools, and deliver timely, data-informed insights that enable strategic decision making across a global organization. This role serves as a principal-level expert responsible for providing operational leadership and analyst enablement within Walmart's External Party Risk Management program. The Principal, Risk Expert operates with broad autonomy and enterprise scope, applying deep External Party Risk Management expertise, strong knowledge of the latest NIST cybersecurity standards, and a solid understanding of Agile DevOps and full-stack technologies to drive consistent execution, mature processes, and scalable outcomes.
The role partners closely with Walmart Global Tech, InfoSec, and business stakeholders to support and evolve risk tools and workflows, while ensuring analysts are equipped to deliver timely, consistent, and high-quality risk assessments. The focus is on strengthening day-to-day operations, improving prioritization, and enabling more data-informed and continuous risk monitoring to support global teams and leadership.
Scope and Impact
Enterprise-wide scope with global reach across Walmart Global Tech and InfoSec
Recognized authority in External Party Risk Management and NIST cybersecurity controls.
Drives operational consistency, process maturity, and analyst effectiveness.
Enables leadership decision making through timely, reliable risk insights.
Supports scalable risk operations across regions and business segments.
Informs and influences technology solutions through strong Agile DevOps and full-stack technical understanding.
Key Responsibilities
Provide operational leadership for the External Party Risk Management program, ensuring effective execution of assessments, issue management, and ongoing monitoring.
Serve as a subject matter expert in External Party Risk Management and the latest NIST Cybersecurity Framework, advising stakeholders and leadership on standards and expectations.
Enable and mentor analysts through clear processes, training, tooling alignment, and performance expectations.
Drive consistency and standardization across External Party Risk Management workflows, methodologies, and documentation.
Establish and manage prioritization of work to align risk efforts with business needs, regulatory requirements, and risk appetite.
Partner with engineering and development teams using Agile DevOps practices to support and enhance tools that enable External Party Risk Management processes.
Apply working knowledge of full-stack technologies, including cloud platforms, APIs, microservices, and data integrations, to effectively collaborate with technical teams and influence solutions.
Translate External Party Risk Management and NIST cybersecurity requirements into practical, scalable operational and technical requirements.
Collaborate across Walmart Global Tech to align and streamline risk processes and eliminate duplication.
Extend External Party Risk Management support globally, ensuring consistent application of standards and processes across regions.
Build and maintain strong relationships with organizational verticals and leadership to deliver mission-critical risk data for strategic decision making at the speed of business.
Support the evolution toward more continuous, data-informed risk monitoring through the use of aggregated assessment data, attestations, and external data sources.
Define and track key metrics to measure program effectiveness, efficiency, and outcomes.
Core Competencies
Deep expertise in External Party Risk Management and third-party risk frameworks
Strong knowledge of the latest NIST Cybersecurity Framework and NIST cybersecurity controls
Solid understanding of Agile DevOps methodologies and delivery practices
Working knowledge of full-stack development technologies, including cloud-native architectures, APIs, microservices, and data platforms
Proven operational leadership and analyst enablement experience.
Excellent written and verbal communication skills, with the ability to influence and align global stakeholders.
Ability to build trusted partnerships across organizational verticals and regions.
Strong execution discipline, prioritization, and process optimization skills
Strategic mindset balanced with direct operational execution
Comfortable operating in ambiguity and driving clarity.
Required Qualifications
Master's degree in Information Security, Risk Management, Cybersecurity, or a related field
Active CISSP (Certified Information Systems Security Professional) certification
Experience in External Party Risk Management or third-party risk management
Demonstrated experience applying NIST cybersecurity controls in risk assessments and monitoring activities.
Demonstrated ability to partner effectively with engineering teams using Agile DevOps practices.
Working knowledge of full-stack technologies sufficient to influence design, integration, and delivery decisions
Proven ability to scale and mature risk operations in a global environment.
Differentiators for Principal Level
Operate independently with minimal oversight.
Recognized as a trusted expert and advisor within External Party Risk Management
Influences execution and outcomes beyond immediate team boundaries
Bridges risk, operations, and technology through strong technical fluency.
Delivers sustained impact through operational excellence and enablement.
At Walmart, we offer competitive pay as well as performance-based bonus awards and other great benefits for a happier mind, body, and wallet. Health benefits include medical, vision and dental coverage. Financial benefits include 401(k), stock purchase and company-paid life insurance. Paid time off benefits include PTO (including sick leave), parental leave, family care leave, bereavement, jury duty, and voting. Other benefits include short-term and long-term disability, company discounts, Military Leave Pay, adoption and surrogacy expense reimbursement, and more. You will also receive PTO and/or PPTO that can be used for vacation, sick leave, holidays, or other purposes. The amount you receive depends on your job classification and length of employment. It will meet or exceed the requirements of paid sick leave laws, where applicable. For information about PTO, see https://one.walmart.com/notices. Live Better U is a Walmart-paid education benefit program for full-time and part-time associates in Walmart and Sam's Club facilities. Programs range from high school completion to bachelor's degrees, including English Language Learning and short-form certificates. Tuition, books, and fees are completely paid for by Walmart.
Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to a specific plan or program terms.
For information about benefits and eligibility, see One.Walmart (https://one.walmart.com/).
Herndon, Virginia US-10710: The annual salary range for this position is $132,000.00 - $264,000.00
Bentonville, Arkansas US-09050: The annual salary range for this position is $110,000.00 - $220,000.00
Additional compensation includes annual or quarterly performance bonuses. Additional compensation for certain positions may also include:
Stock
Minimum Qualifications...
Outlined below are the required minimum qualifications for this position. If none are listed, there are no minimum qualifications.
Option 1: Bachelor's degree in computer science, information technology, engineering, information systems, cybersecurity, or related area and 5 years' experience in cybersecurity risk or related area at a technology, retail, or data-driven company.
Option 2: 7 years' experience in cybersecurity risk or related area at a technology, retail, or data-driven company.
Preferred Qualifications...
Outlined below are the optional preferred qualifications for this position. If none are listed, there are no preferred qualifications.
Certification in Security+, GISF, GSEC, CISA, CISSP, CCSP, or CISM
Master's degree in computer science, information technology, engineering, information systems, cybersecurity or related area and 3 years' experience leading information security or cybersecurity projects
We value candidates with a background in creating inclusive digital experiences, demonstrating knowledge in implementing Web Content Accessibility Guidelines (WCAG) 2.2 AA standards, assistive technologies, and integrating digital accessibility seamlessly. The ideal candidate would have knowledge of accessibility best practices and join us as we continue to create accessible products and services following Walmart's accessibility standards and guidelines for supporting an inclusive culture.
CISA - Certified Information Systems Auditor - Certification, CISSP - Certified Information Systems Security Professional - Certification
Primary Location...
2245 Monroe St, Herndon, VA 20171, United States of America
Walmart and its subsidiaries are committed to maintaining a drug-free workplace and have a no-tolerance policy regarding the use of illegal drugs and alcohol on the job. This policy applies to all employees and aims to create a safe and productive work environment.
Walmart, Inc. is an Equal Opportunity Employer - By Choice. We believe we are best equipped to help our associates, customers, and the communities we serve live better when we really know them. That means understanding, respecting, and valuing diversity - unique styles, experiences, identities, abilities, ideas and opinions - while being inclusive of all people.